IT security news on the latest technology and the number one resource for your hardware and software needs.
Visit us at www.hyphenet.com

Wednesday, July 24, 2013

Sandbox Application Attacks: System Keeps on Advancing

Image courtesy of Ventrilock / FreeDigitalPhotos.net

In computer security, a sandbox is a security mechanism for separating running programs. Sandboxes are used to execute untested code or suspicious programs from unknown third parties, suppliers, and untrusted users and websites. Sandbox applications are under attack, and malware keeps advancing to outsmart them. Sandbox applications usually isolate threats and protect endpoints from malware attacks, but the protection is not strong enough against advanced malware.

Rahul Kashyap, chief security architect of Bromium, stated, "Outlined threat vectors sandboxes could not effectively block in a Pen-Tester's Perspective". This is not to say that these sandboxes are not working; the point is that people look at them as fail-proof, so other security measures are often not considered.

It's like assuming that a deadbolt lock on the front door of your home is going to keep everyone out. Even if there is a home security alarm installed, burglars can still enter and rob you.

The Attack

Bromium Labs grouped these attacks into two categories:

One that bypasses the sandbox completely

One that succeeds without breaking the sandbox

The bypass techniques focus on exposing the Windows OS and the sandbox itself. The other category includes post-exploitation scenarios, like keylogging, remote access, hijacking contents, screen scraping, stealing files, and getting into network shares.

IT and network administrators shouldn't rely completely on sandboxes. Administrators should continue to practice other security options to protect systems from vulnerabilities. Executing malware within a sandbox is not safe, because malware is sophisticated enough to do severe damage to systems.